• shua_too@midwest.social
    link
    fedilink
    arrow-up
    175
    arrow-down
    2
    ·
    1 year ago

    Bitwarden is one I use several times a day. They do have a support plan for like $10 a year that gives a couple extra features like TOTP support, but the base level is incredibly robust. It’s open source, too. I know a lot of folks also host their own servers with Vaultwarden, but that’s a little beyond my skill level.

      • tool@r.rosettast0ned.com
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        I pay for it just because it’s cheap and to support them

        I did this too when it first came out, and then the product became robust enough that I recommended we implement it at work because secrets management was non-existent. We have a bunch of licenses on the Enterprise plan now and it just keeps getting better each update.

        My only complaint is that migrating the data to a new server is a pain in the ass and never works correctly, even when following the migration instructions to the letter. Always have to open a ticket with them for that. Not enough of a pain to move to another product, though.

        I also still pay for my personal plan. It really is a fantastic product.

          • MucherBucher@lemmy.fmhy.ml
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Pretty uncommon to host company credentials via 3rd party as policy. It wouldn’t even be legal under national law for my field of work for example.

            • LUHG@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Obviously situations are different but the majority of standard businesses will let bitwarden host. In fact, I’d put more trust in bitwarden than than most self hosting teams.

          • tool@r.rosettast0ned.com
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Because we have some contracts that stipulate any data related to the project, including secrets/credentials, must remain on-site, and in some cases, on an air-gapped network. Doesn’t make sense to spin up something else to manage those secrets when Bitwarden can do it all and satisfy the requirements of those contracts.

      • LUHG@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I use the business plan to seperate personal and business but the sharing features are also great.

    • canthidium@lemmy.world
      link
      fedilink
      arrow-up
      9
      ·
      1 year ago

      I just recently started using their totp function and I can’t believe I didn’t switch sooner. Just the fact alone that it automatically copies the code to your clipboard is such a Time saver not having to open up a separate app.

      • shua_too@midwest.social
        link
        fedilink
        arrow-up
        4
        arrow-down
        2
        ·
        1 year ago

        It’s a wild time saver. I can’t believe other folks go to a whole separate app for their codes! Hitting Ctrl+L to autofill passwords and user names then Ctrl+V for TOTP feels like a hack when I watch other people struggle with their other solutions.

        • haych@lemmy.one
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          I use a separate app for my codes, if someone somehow gains access to my Bitwarden if they have TOTP as wellcthrn they have all my accounts. With my TOTP in another app they still can’t access them.

            • CapillaryUpgrade@lemmy.sdf.org
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Not OP but, consider using something like a YubiKey or similar hardware key for your second factor authentication.

              They usually support multiple protocols so you only need to carry one around - and storing your second factor with your passwords is like putting all your eggs in one basket.

              Print out recovery codes or get an ekstra hardware key for backup and you get great security for surprisingly little effort.

        • canthidium@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          Right! I was using Authy so I didn’t have to grab my phone every time, but even that was still having to open the Authy app and wait for it to load, copy+paste. But using the keyboard shortcuts for Bitwarden is just so fast. Like you said, feels like a hack. It even auto copies on Android and with the autofill, makes it so easy.

        • techgearwhips@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          I use keepassxc which autofills. Then 2fsa has an addon that auto adds the code. I’m in in under 10 seconds. I dread the idea of keeping my passwords and TOTP in the same vault.

        • Rai@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          4
          arrow-down
          3
          ·
          1 year ago

          It kinda does feel like it’s being promoted here, which seems unnecessary for a free, open-source program hahaha

            • Rai@lemmy.dbzer0.com
              link
              fedilink
              arrow-up
              5
              ·
              1 year ago

              I don’t doubt that! I’ve just seen it mentioned a LOT, much more than any other sites I’ve visited.

              I’m not suspicious about it anymore, though—if it wasn’t a free open-source program, that would be a different story! Spotting obvious ads disguised as comments everywhere on Reddit was always fun.

              • Mewtwo@lemmy.blahaj.zone
                link
                fedilink
                arrow-up
                2
                ·
                1 year ago

                Same, the last few posts about a password manager was heavily voted for bitwarden and keypass. It is suspicious, but at the same time Lemmy is primarily filled with techy programmers that are more in tune with tech than most people and lean toward open source and pirating.

                • LUHG@lemmy.world
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 year ago

                  I really don’t think it is promotion via paid users. It was talked about on Reddit a lot because it’s really good and the users like to promote it.

      • Rai@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I kinda thought that too, but it’s free and open-source… so that would be weird.

        Looking into password managers, though, it does really seem like the best choice. Lastpass had breach lately, KeePass requires self-hosting, and other offerings cost more (and aren’t open-source.)

    • Emu
      link
      fedilink
      arrow-up
      16
      ·
      1 year ago

      I’ve never thought about it, how do they make money? I’ve never seen an ad or sent them money.

      • d-RLY?
        link
        fedilink
        arrow-up
        52
        ·
        1 year ago

        They make a large amount from Google paying them to be the default search engine. Also they have been making additional projects that can be subscribed to as add-ons for Firefox (like a VPN and an email forwarding service that allows you to make fake email addresses or phone numbers to use on sites that will forward the messages to your real inbox/phone). You can use a limited version of the email thing without paying though so it is easy to try out. And they are always ready to take donations of any size and can be reoccurring. I personally pay .99/month for the email service even though I don’t use it often. As it is nice to have if I need it, and it is basically a donation at that point. lol.

        Here are links to those products if you care to read more about them or at least see pricing.
        https://www.mozilla.org/en-US/products/vpn/

        https://relay.firefox.com/

        But even just making a point to donate some one-offs here and there does help in small ways to keep a real option in browsers that isn’t just another Chromium-based project.
        https://donate.mozilla.org/en-US/

        Everyone hated when IE was the only browser that sites were coded for, and we are seeing more and more Chromium only sites. Which means a bad vulnerability in Chromium will impact all the browsers based on it. Also privacy add-ons for Firefox tend to work better and block ads well.

      • GenEcon@lemm.ee
        link
        fedilink
        arrow-up
        19
        ·
        1 year ago
        1. Donations

        2. Getting payed by google to make it their default search engine.

      • 001100 010010@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        They get paid by Google to feature their search engine as the default primary search engine. In Fennec, the non-google-play version of mobile browser Firefox, Duckduckgo is set as default, even though both versions are maintained by Mozilla, the non-profit organization behind Firefox.

    • EzekielJK@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      I adore Firefox but several years ago, Google Suite (Docs, Sheets, Forms, etc) decided to change their font system in some bizarre way that they’re never formatted right on Firefox and cause spacing issues. It sucks because I use Docs and Sheets so frequently that I end up needing to keep two browsers installed and switch whenever I want to work on some of my projects.

      • 001100 010010@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Fennec is only for Android, because the desktop Firefox doesn’t have have weird app-store shennanigans to begin with, so there’s no point of maintaining Fennec for desktop.

        And I do use Fennec for Android, just to keep the Google-Play shennanigans out of my browser.

    • eco@lemmy.world
      link
      fedilink
      arrow-up
      15
      ·
      edit-2
      1 year ago

      Microsoft is adding extensive archive format support (using libarchive) to Windows 11. I’d like to thank 7-zip for its service over the decades, though.

      • LUHG@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        The way Msoft are going with right click options I’m doubtful it’ll complete.

        • eco@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          If you’re talking about the more limited set of options you get when you right click a file in Windows 11, just hold shift while right clicking to get the original options. You’ve actually been able to hold shift to get additional options going way back, I think to windows XP.

          There’s a lot of extra useful options in there too like opening command prompts to the current folder and copying file paths to the clipboard.

    • Nevoic@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      On this note it’s crazy there are people who will spend over $100 on a Windows license, when all they do is use a web browser or simple productivity apps like spreadsheets or word.

      I can get if you’re using some adobe products, or some game that hasn’t been updated to the Linux compatible EAC, but for the vast majority of people paying over $100 (or having that cost passed onto you from the manufacturer if Windows is preinstalled) is crazy.

  • limeaide
    link
    fedilink
    arrow-up
    99
    ·
    edit-2
    1 year ago

    Bitwarden and firefox

    I don’t use it but blender is another one

    • satchmo@infosec.pub
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      For the self-hosters out there, there’s VaultWarden, which works seamlessly with all Bitwarden plugins and apps.

      It’s very lightweight and easy to setup and run. It has support for multiple accounts, so you can use it for your family, or business, or whatever!

      • OsrsNeedsF2P
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Blender is an open source 3D art/graphics program, on-par with what companies charge hundreds of dollars per month for. Unlike some things where people say “Use GIMP instead of Photoshop!”, Blender is actually industry standard everywhere I’ve worked

  • G0FuckThyself@lemmy.world
    link
    fedilink
    arrow-up
    92
    ·
    edit-2
    1 year ago

    Firefox, ppsspp, termux, VLC, Tachiyomi(SY), and KeypassXC/DX are coming to my mind. Probably there are a lot more. These are for android. Although they do apply to desktop except termux and Tachiyomi.

    Edit: I haven’t added the various FOSS tools as they don’t really come in “App” Category. Some of them:

    • Linux kernel
    • git
    • gcc
  • kibiz0r@lemmy.world
    link
    fedilink
    arrow-up
    66
    arrow-down
    5
    ·
    edit-2
    1 year ago

    Genuinely free? VSCode

    Freemium: Discord

    You pay with your data: Google Maps

    • RGB3x3@lemmy.world
      link
      fedilink
      arrow-up
      33
      arrow-down
      2
      ·
      1 year ago

      If there’s one service that I’m okay giving my data over for, it’s Google maps.

      Without that, we wouldn’t have traffic data or how busy a business is. Crowd sourcing information is the only way to get a service as good as google maps. It’s actually amazing to me that it’s free given all of the satellite and street imaging done.

      • geoma
        link
        fedilink
        arrow-up
        22
        arrow-down
        1
        ·
        1 year ago

        I used to contribute to google maps. I had the same vision you do. But then I learned about their dark way of stealing people’s data. All your contributions to google maps are now property of google. You are giving away your efforts so one of the richest world companies becomes richer. And keep abusing their users. So now I use openstreetmap.org

        • IlIllIIIllIlIlIIlI@lemmy.world
          link
          fedilink
          arrow-up
          16
          ·
          1 year ago

          I remember when I tried OSM maps for navigate my city a lot of years ago, awful experience. Today is almost perfect and changes in roads are updated so fast. I love OpenStreetMap.

          • IntlLawGnome@lemmy.ca
            link
            fedilink
            arrow-up
            4
            ·
            1 year ago

            I had the same experience with OSM maps years ago, but you’ve convinced me to give it another chance. I’m looking forward to seeing if it handles public transport in Vancouver as well as Google Maps does.

    • PeterPoopshit
      link
      fedilink
      arrow-up
      20
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Yeah why the fuck is that? VSCode has no business being as good as it is. It’s developed by Microsoft, after all. Are they planning to take it away from us and charge money for it in a few years? Why does it work on Linux so easily? Is it a government conspiracy to fill our brains with subliminal messages somehow? Wtf is the catch?

      My best educated guess is that’s it’s a ploy of some kind. If Microsoft makes a free code editor that’s really good, maybe no one will make a free open source one that’s as good so that they will have control over the 1 most viable code editor? There are other things similar to VSCode but they cost money and are too big a pain to pirate because VSCode is better than them anyway.

      • ralC@lemmy.fmhy.ml
        link
        fedilink
        arrow-up
        11
        ·
        1 year ago

        It’s not only VSCode, it’s also Github and C# and TypeScript to a lesser extent as well, probably. They want to have control over the “coding” ecosystem. And look at what they already did with github, they trained AI on all projects on it, and they then sell access to that AI.

        • tool@r.rosettast0ned.com
          link
          fedilink
          arrow-up
          4
          arrow-down
          1
          ·
          1 year ago

          Github Copilot is worth the money. I’ve had it finish out functions for me after just a few lines. There’s usually an error or two, but the consistency with which it can predict what I’m doing or trying to do is pretty impressive.

          • aes_256@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Copilot was trained on copylefted code while itself being closed. What was brought to attention by @ralC@lemmy.fmhy.ml isn’t efficacy, but Microsoft’s lack of ethics and social responsibility when it comes to their bottom line.

            • tool@r.rosettast0ned.com
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              1 year ago

              Copilot was trained on copylefted code while itself being closed. What was brought to attention by @ralC@lemmy.fmhy.ml isn’t efficacy, but Microsoft’s lack of ethics and social responsibility when it comes to their bottom line.

              I honestly don’t have a problem with that. Everything that it was trained on is publicly-available/open-source code, and I’m not aware of any license that requires you to distribute your modifications if you don’t make modified binaries publicly available, not even GPL. And even then, you’re only required to make available the code that was modified, not related code. And I don’t even think that situation would apply in this case, since nothing was modified, it was just ingested as training data. Copilot read a book, it didn’t steal a book from the library and sell it with its name pasted over the original author’s.

              This isn’t really any different of a situation than a closed-source Android app using openssl or libcurl or whatever. Just because those open-source libraries were employed in the making of the app doesn’t mean that the developer must release the source for that app, and it doesn’t make them a bad person for trying to make money from selling that app. Even Stallman is on board with selling software.

              And even if you take all that off the table, you’re free to do the exact same thing and make a competitor. Microsoft didn’t make their own language model, they’re using a commercially-available model developed by OpenAI. There’s literally nothing stopping anyone else from doing this as well and making a competing service called “Programming Pal” and making their code open-source. In fact, it’s already been done with FauxPilot and CodeGeex and the like.

              So yeah, I really don’t have a problem with it. This ended up a lot longer than I had originally thought it would, sorry for the novel.

                • tool@r.rosettast0ned.com
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  1 year ago

                  Yep. I’m not making a proclamation, just stating an opinion. I don’t have a problem with what they’re doing, and if other people do, that’s fine. Some people like their cucumbers pickled, let them have their pickle.

                  I actually wouldn’t be surprised to see it go open source in the future, Microsoft has been doing that a lot recently, like VScode and the whole of .NET and friends like PowerShell. Pretty much the only things worthwhile from Microsoft are already open source, except Copilot.

        • PeterPoopshit
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          How can we use C# in a responsible and FOSS way? A huge advantage of C# is that it can’t run into include order problems like C++ can. This makes it easier to make better object oriented games because the object structure can be more useful and you can get better results even if your object structure planning wasn’t as well thought-out.

      • kibiz0r@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        They learned their lesson with the old Visual Studio. Spending all of that money to maintain an IDE where the core 90% of it was no better than any open source or shareware alternative.

        The only reasons people needed VS specifically were all features that could easily be turned into self-contained plugins.

        And with everything turning into cloud services, there’s pretty much no point in trying to sell installable local apps that are impossible to fully DRM and have no justifiable subscription fees.

        And when an enterprise goes to pick a cloud repo service, cloud code workspace, cloud hosting, devops system, AI development assistant, etc… Who are they gonna pick? Maybe the one from the same company that makes “that one app all our devs rave about”?

    • phoukas@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      I feel like the Google maps algorithm has gotten worse over the last year or so. Maybe it’s the Android auto interfacing with my car, but it sends me on weird routes sometimes even with a similar eta. I think it might be related to the eco settings but man is it annoying.

    • geoma
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      Discord also makes you pay with your data.

      • kibiz0r@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Their privacy policy says they don’t sell your data.

        Not that you should automatically trust any communication platform (present Lemmies excluded), but exchange of data for services is at least not the business model on paper.

        In a sense, you still “are the product”, because people won’t buy Nitro if there’s noone to talk to.

        But that’s different from like… tracking micro-motions of your mouse to categorize your personality traits and increase ad conversions.

          • kibiz0r@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Looks like that’s based on an outdated TOS. Even then, those terms are pretty tame except for the one about transferable license for uploaded content, which has thankfully been narrowed by a lot in the current TOS. (Now it just means: We’re allowed to store your images on S3, resize them, and show them to people you specifically selected to send them to.)

            For a company that’s worried about 230 safe harbor, GDPR, CCPA, and wants to promote their first-party products at you, this is all standard.

            Also:

            This service does not sell your personal data

            • geoma
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              1 year ago

              it’s still a proprietary centralised platform that depends on a single private entity that we trust. I don’t see why to choose that over libre decentralised ones.

  • frippa
    link
    fedilink
    arrow-up
    60
    ·
    1 year ago

    Jellyfin, it’s literally free Netflix if you own even just an old computer and some storage. Also open source that is another huge plus

  • philpo@feddit.de
    link
    fedilink
    arrow-up
    52
    ·
    1 year ago

    Home Assistant. It is an incredibly powerful smart home solution that is far more capable than any other solution one needs to pay for.